Major security flaw means your Wi-Fi could be hacked

Hackers can exploit this vulnerability to steal your credit card numbers, passwords, emails, photos, and more.

While Windows users were dutifully installing October 10th's Patch Tuesday security updates, little did they know they were also installing a fix for the KRACK vulnerability that was not publicly disclosed until today.

US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol.

Finnish security firm F-Secure said experts have always been cautious about Wi-Fi's ability to withstand security challenges of the 21st century.

Belgian researcher Mathy Vanhoef revealed in a paper, titled "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2", that if a certain step of the WPA2 protocol was repeated, it would cause the network to reuse what should be a one-time encryption key to encode the data stream. The attacker can use this technique to read information that was previously assumed to be safely encrypted.

Iraqi forces enter Kirkuk as Kurds flee
U.S. officials said they were "engaged with all parties in Iraq to de-escalate tension". Before 2014, the Iraqi government extracted and exported oil from Kirkuk's fields.

Sask. Premier Brad Wall rips Ottawa over Energy East cancellation
We got a lot of other things on the go. "This is an important day in the fight against climate change in Canada". Governments need to step up with a plan to assist oil sands workers in transitioning into clean energy jobs".

Stanton comes up short of 60 homers
The victor will advance to play the Los Angeles Dodgers in the NL Division Series beginning on Friday in Los Angeles. Norichika Aoki had one hit in four at-bats in the New York Mets' 11-0 loss to the Philadelphia Phillies .

Also, with a usage of smart devices, users should check for the latest firmware updates that have been made available.

The group says the problem can be resolved through straightforward software updates. "There is no evidence that the vulnerability has been exploited maliciously", the organization added. Several wireless AP vendors already have patches available for installation. But if you're using Windows, you're all set: Microsoft already issued a patch that fixes the flaw. "Customers who apply the update, or have automatic updates enabled, will be protected", a representative of Microsoft told The Verge. The Consumerist, which notes that "basically every device on earth" is affected, says users should also install security updates on any connected devices as soon as prompted.

KRACK requires the hacker to be in range of a target's Wi-Fi, so it can't be done remotely. It is expected that nearly all manufacturers will roll out updates for routers that are now in use with consumers-you will just need to keep an eye out for those on the website of your router's manufacturer-there are different installation and update processes for different router types. After all, if you're sharing a public Wi-Fi network with tens or hundreds of other strangers, you're likely more vulnerable than you are in the privacy of your home.

This padlock will appear on all HTTPS sites. "Users can expect all their Wi-Fi devices, whether patched or unpatched, to continue working well together", the statement said. Apple, Android and Windows software are all susceptible to some version of the vulnerability, which is not fixed by changing Wi-Fi passwords.


Popular
  • The Latest Trailer For Netflix's 'Stranger Things' Season 2 Is Here!

    The Latest Trailer For Netflix's 'Stranger Things' Season 2 Is Here!

    The trailer included below, fills at least some of the gaps the first season cliffhanger left us with. Get ready to return to the "Upside Down"-because it's coming whether you're ready or not".
    Swedish journalist Kim Wall's severed head found in Copenhagen Bay

    Swedish journalist Kim Wall's severed head found in Copenhagen Bay

    The creator initially asserted he had dropped Wall off ashore the evening of August 10, as indicated by a police explanation. He has been detained for a further four weeks while the body parts are investigated to try and establish a cause of death.
    Restrictions in Srinagar to prevent Muharram processions

    Restrictions in Srinagar to prevent Muharram processions

    The main Ashura procession in Karachi began from Nishtar Park with a Majlis (address) by Allama Shahenshah Hussain Naqvi. Cellular services, which remained suspended in different cities during the last three days, were restored.
  • Iran Guard chief warns United States  against imposing new sanctions

    Iran Guard chief warns United States against imposing new sanctions

    Iran's ballistic missile program has triggered the discontent and concerns of other states, in particular, the United States.

    Did he enter the TSK Idlib: President Erdogan explained

    The province is dominated by jihadist groups and Mr Erdogan has said he will not allow a "terror corridor" on the Turkish border. Turkey has been moving military equipment to its border with Syria since June 21.
    Can AR tech revive ailing Toys R Us?

    Can AR tech revive ailing Toys R Us?

    Toys R filed for Chapter 11 bankruptcy protection on September 18 as it had to pay off hundreds of millions in debt. But the limited features feel a bit gimmicky unless Toys R Us can keep updating or releasing fresh app content.
  • British pound sinks as BOE members signal unwillingness to raise rates

    British pound sinks as BOE members signal unwillingness to raise rates

    In testimony to lawmakers on Tuesday, Carney said he's "more likely than not" to have to write that letter in October or November. However, the British pound remained lower against the dollar despite confirmation of Carney's view on inflation.

    Google uncovers Russian-bought Trump ads

    As the article notes, the company has previously downplayed its involvement in Russia's potential election interference. This was perhaps easiest because Russia-linked accounts purchased as much as $270,000 on the social network in 2016.
    Netanyahu: Israel Won't Accept 'Fake Reconciliation' Between Hamas Terrorists and Fatah

    Netanyahu: Israel Won't Accept 'Fake Reconciliation' Between Hamas Terrorists and Fatah

    More than two million people live in impoverished Gaza, which has been blockaded by Israel and Egypt for years. Fawzy traveled to Gaza to meet the Palestinian government, following a meeting in Ramallah with Abbas.
  • Duchess Kate gives it a twirl with dancing bear Paddington

    Duchess Kate gives it a twirl with dancing bear Paddington

    Hold on to your proverbial hats: Prince William and Kate Middleton have announced the due date for their third royal baby. The new baby will be the fifth in line to the throne, with Prince Harry - the child's uncle - being pushed into sixth.
    PM inaugurates first AIIMS like Ayurveda Institute

    PM inaugurates first AIIMS like Ayurveda Institute

    PM Modi said that Ayurveda is not just a medical practice, but encompasses public health and environment health as well. He said the time had come for a "health revolution" under the aegis of the traditional medicine system.
    How to Watch Diamondbacks vs. Dodgers Game 1 Without Cable

    How to Watch Diamondbacks vs. Dodgers Game 1 Without Cable

    Ray was 6-0, including two victories over the Dodgers, with a 2.28 ERA after being activated from the disabled list on August 24. There will be a day off Sunday as the teams head to Phoenix, so Greinke will have his usual four days of rest between starts.

CONNECT